Lucene search

VulDBCVELIST:CVE-2017-20039

HistoryJun 11, 2022 - 10:00 a.m.

CVE-2017-20039 SICUNET Access Controller hard-coded password

2022-06-1110:00:24

CWE-259

VulDB

www.cve.org

sicunet

access controller

hard-coded password

vulnerability

cve-2017-20039

remote attack

weak authentication

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

55.1%

JSON

A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very critical. This affects an unknown part. The manipulation leads to weak authentication. It is possible to initiate the attack remotely.

CNA Affected

[
  {
    "product": "Access Controller",
    "vendor": "SICUNET",
    "versions": [
      {
        "status": "affected",
        "version": "0.32-05z"
      }
    ]
  }
]

References

seclists.org/fulldisclosure/2017/Mar/25

vuldb.com/?id.98907

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

55.1%

JSON

Related for CVELIST:CVE-2017-20039